Architecture of database application with robust online recoverability
An architecture for efficiently identifying the scope and timeframe of database errors, providing online history images, creating online point-in-time views of application tables, reconstructing equivalent SQL statements of a committed transaction or of a user session, providing a selective audit trail report on demand, and permitting selective online rollbacks in an application database. The rollback can be done on a single row, a single transaction, a group transactions, a user session, or all user tables. The system includes after images tables and before images tables and tracks all before images of user application tables when a user performs an INSERT, UPDATE, or DELETE operation with respect to a row in a table. Also, the system is provided to generate history images of application tables at a point-in-time, and to selectively rollback, or undo whole or a portion of application tables, to generate a selective audit trail report on demand, and to manage the before images.
Latest SBC Knowledge Ventures, L.P. Patents:
- System and Method of Presenting Caller Identification Information at a Voice Over Internet Protocol Communication Device
- SYSTEM AND METHOD OF ENHANCED CALLER-ID DISPLAY USING A PERSONAL ADDRESS BOOK
- System and Method of Processing a Satellite Signal
- System and Method of Automated Order Status Retrieval
- System and Method of Authorizing a Device in a Network System
The present invention relates to databases, and more specifically, to a method and system of providing online history images, creating online point-in-time views of application tables, reconstructing equivalent SQL statements of a committed transaction, providing a selective audit trail report on demand, and selectively performing an online rollback in an application database.
2. BACKGROUND AND MATERIAL INFORMATIONIn typical database systems, end users store, update and retrieve information by submitting commands to a database application. For instance, the commands may be submitted in the ubiquitous structured query language (SQL). Unfortunately, most if not all database systems are susceptible to hardware or system failures that can result in a loss of data or a corruption of data. Moreover, it is well known that user errors or application errors create more database logical errors than do hardware and system failures. Unlike physical errors created by hardware or system failures, logical errors created by users and/or applications are more difficult to detect, harder to identify in scope, and generally require more time and resources to resolve.
Most database vendors provide methods to recover a database when a hardware failure or system failure occurs. That is, the entire database can be recovered to a state that existed at a specified time in the past. However, most database vendors do not provide a method of directly rollbacking a selected portion of the database. In most cases, after identifying the errors and the scope of the errors, a database administrator has to manually rollback a selected portion of data to a specified time in a primary database with the help of a secondary database built to the specified time. The second database will then use a transaction log from the primary database to move forward to the specified time. The set up time for a secondary database is very time consuming, and for each specified time, one needs to set up a secondary database. Furthermore, if the database administrator decides to move back farther in time, then the database administrator must set up another secondary database from the backup copy and move forward to the new specified time. After the selective rollback, the database administrator must also perform additional administrative tasks to bring the application data to a logical consistent state.
Oracle provides a method of querying data at a point-in-time (Flashback Query, Oracle9i Application Developer's Guide—Fundamentals, pp. 7-34). The Flashback Query allows the selective rollback of a portion of a database with some limitations. For instance, one limitation is that the undo space of the database needs to be managed by an automatic undo management to use this feature effectively. The undo segment consumes a lot more disk space than the related data rows do in their related tablespaces. Thus, the availability of the storage capacity will limit how far back in the time the Flashback can query the database. Another limitation is that the specified period of time (i.e., undo retention period) in which the Flashback can query back into the past is the same for all of the tables. Specifically, Oracle uses a single initialization parameter (i.e., UNDO_RETENTION) to control how far into the past a user may query the database. Moreover, the user does not have a choice of assigning a different undo retention period for each different table. Further, unimportant tables may use a lot more of the undo segment space than do the more important tables. When the undo space is full, some unexpired undo spaces will be reused such that the data related to the reused undo space can not be flashbacked to the retention time.
An additional limitation that exists with the prior art system is that a database administrator is not able to obtain a precise flashback. Essentially, the time specified in DBMS_FLASHBACK.ENABLE_AT_TIME statement or in an AS OF TIMESTAMP clause is mapped to a system commit number (SCN), which serves as the basis for flashback queries. Thus, flashback query results are based on the SCN. The database tracks and records the SCN at five minute intervals after database startup, and logs the information for the five most recent days of operation. Any timestamp used in the Flashback query may be rounded down by up to five minutes. The Flashback is not available for a newly created table for up to five minutes. Further, since the database logs the information for only the five most recent days of operation, the user needs to keep track of the SCNs (or otherwise determine the SCNs) if the user wants to flashback by more than five days. Despite doing so, the undo data may be overwritten, in which case the Flashback query will result in an error.
Another limitation is that some structure changes of a table, like the drop/modify column of the table will invalidate the undo data. Therefore, the user cannot query data earlier than the time the table was changed. Still another limitation is that the user cannot Flashback a remote table through a database link. An additional limitation is that the performance of a flashback query depends on how much data needs to be recreated, which is an expensive process. Another limitation is that the change history of a row is not easy to obtain through the Flashback query. That is, the Flashback provides one view at a specific time, as opposed to a continuous view.
Thus, it would be advantageous to quickly and efficiently identify the scope and timeframe of a database application error in order to reduce the mean time to repair and the database downtime. Furthermore, it would be desirable to provide online history images, create online point-in-time views of application tables, reconstruct the equivalent SQL statements of a committed transaction, provide a selective audit trail report on demand, and permit selective online rollbacks a single row, a single transaction, a user session, or all user tables in an application database.
BRIEF DESCRIPTION OF THE DRAWINGSThe present invention is further described in the detailed description that follows, by reference to the noted drawings by way of non-limiting examples of embodiments of the present invention, in which like reference numerals represent similar parts throughout several views of the drawings, and in which:
The present invention relates to efficiently identifying the scope and timeframe of database errors, providing online history images, creating online point-in-time views of application tables, reconstructing the equivalent SQL statements of a committed transaction, providing a selective audit trail report on demand, and permitting selective online rollbacks in an application database. The rollback can be done on a single row, a single transaction, a group transactions, a user session, or all user tables.
In view of the above, the present invention through one or more of its various aspects and/or embodiments is presented to accomplish one or more objectives and advantages, such as those noted below.
According to one aspect of the present invention, a method is provided for creating an online point-in-time view of an application table of an active database that has at least one before image table and at least one after image table. Initially, the method includes retrieving a retention time of the application table and making a determination that a particular point-in-time is greater than or equal to the retention time. The method further includes creating the point-in-time view of the application table. The view includes a union of a set of rows from the after image table having a timestamp less than or equal to the point-in-time and a set of rows from the before image table having a timestamp less than or equal to the point-in-time and having a changing timestamp greater than the point-in-time.
According to another aspect of the present invention, a method is provided for creating an online point-in-time view of an application table of an active database that has at least one before image table and at least one after image table. Initially, the method includes retrieving a transaction id set associated with a transaction id that begins before or at a point-in-time and ends after the point-in-time, retrieving a retention time of the application table, and making a determination that the point-in-time is greater than or equal to the retention time. The method further includes creating the point-in-time view of the application table. The view includes a union of a set of rows from the after image table having a timestamp that is less than or equal to the point-in-time and having a transaction id that is not a proper subset of the transaction id set, and a set of rows from the before image table having a timestamp less than or equal to the point-in-time, and having a transaction id that is not a proper subset of the transaction id set, and having a changing transaction id that is a proper subset of the transaction id set or having a changing timestamp that is greater than the point-in-time.
According to another aspect of the present invention, a method is provided for rollbacking at least one table of an active database to a point-in-time, in which the database has at least one before image table and at least one after image table. The method includes retrieving a retention time for each of the at least one table, determining that none of the retention times for the at least one table is greater than the point-in-time, locking all tables to be rollbacked, and disabling all related integrity constraints. Then, rows are deleted from each of the at least one after image table that have a timestamp greater than the point-in-time. The method further includes inserting into each of the at least one after image table, rows from the associated before image table having a timestamp less than or equal to the point-in-time and having a changing timestamp greater than the point-in-time. Lastly, all related integrity constraints are enabled.
According to another aspect of the present invention, a method is provided for rollbacking at least one table of an active database to a point-in-time, in which the database has at least one before image table and at least one after image table. The method includes retrieving a retention time for each of the at least one table, determining that none of the retention times for each of the at least one table is greater than the point-in-time, retrieving a transaction id set associated with a transaction id that begins before or at the point-in-time and ends after the point-in-time, locking all tables to be rollbacked, and disabling all related integrity constraints. Further, the method includes deleting rows from each of the at least one after image table having a timestamp greater than the point-in-time or having a transaction id that is a proper subset of the transaction id set. The method also includes inserting into each of the at least one after image table, rows from the associated before image table having a timestamp less than or equal to the point-in-time and having a transaction id that is not a proper subset of the transaction id set, and having a changing transaction id that is a proper subset of the transaction id set or having a changing timestamp that is greater than the point-in-time. Lastly, all related integrity constraints are enabled.
Another aspect of the present invention is to provide a method of rollbacking selected rows in a table of an active database to a point-in-time, in which the database has at least one before image table and at least one after image table. The method includes retrieving a retention time of the table, determining that the point-in-time is greater than or equal to the retention time, locking the table to be rollbacked, and disabling all related integrity constraints. The method further includes deleting selected rows from the after image table having a timestamp greater than the point-in-time, and inserting into the after image table, selected rows from the before image table having a timestamp less than or equal to the point-in-time and having a changing timestamp that is greater than the point-in-time. Then, all related integrity constraints are enabled.
According to another aspect of the present invention, a method is provided for rollbacking selected rows in a table of an active database to a point-in-time, in which the database has at least one before image table and at least one after image table. The method includes retrieving a transaction id set associated with a transaction id that begins before or at the point-in-time and ends after the point-in-time, retrieving a retention time of the table, determining that the point-in-time time is greater than or equal to the retention time, locking the table to be rollbacked, and disabling all related integrity constraints. The method further includes deleting selected rows from the after image table having a timestamp greater than the point-in-time or having a transaction id that is a member of the transaction id set. Still further, the method includes inserting into the after image table, selected rows from the before image table having a timestamp that is less than or equal to the point-in-time and having a transaction id that is not a proper subset of the transaction id set, and having a changing transaction id that is a proper subset of the transaction id set or having a changing timestamp that is greater than the point-in-time. Lastly, all related integrity constraints are enabled.
According to another aspect of the present invention, a method is provided for obtaining a history of a single data row of a table of an active database, in which the database has at least one before image table and at least one after image table. The method includes retrieving a data row set comprising the union of zero or one selected row from the after image table and zero or more selected deleted rows from the before image table, determining that the data row set is not empty, and recursively finding all associated parent rows for each data row in the data row set. The finding may further include recursively finding all rows having a changing timestamp that equals a previous row's timestamp, in which the previous row is associated with the rows. The finding may further include recursively finding all rows having a changing timestamp and a changing transaction id that equals a previous row's timestamp and transaction id, in which the previous row is associated with the rows.
According to another aspect of the present invention, a method is provided for rollbacking a transaction id set in a group of tables of an active database, in which the database has at least one before image table and at least one after image table. The method includes retrieving an earliest starting time of the transaction id set, retrieving a latest retention time for all of the tables, determining that the earliest starting time is greater than the latest retention time, locking all tables to be rollbacked, and disabling all related integrity constraints. Then, the method includes rollbacking the transaction id set in the group of tables and enabling all related integrity constraints. The method may further include deleting rows from the after image table having a transaction id that is a member of the transaction id set, selecting earliest before image rows from the before image table having a transaction id that is a proper subset of the transaction id set, or having a changing transaction id that is a proper subset of the transaction id set, having an earliest timestamp, deleting any after image of a row from the after image table when a transaction id of the row is a proper subset of the transaction id set and a changing transaction id of the row is not equal to a current transaction id, and deleting any after image of a row from the after image table and inserting a before image from the row into the after image table when the transaction id of the row is not a proper subset of the transaction id set and the changing transaction id is a proper subset of the transaction id set. The method may further include deleting rows from the after image table having a transaction id that is a member of the transaction id set, selecting before image rows and any descendants from the before image table having a transaction id that is a proper subset of the transaction id set or having a changing transaction id that is a proper subset of the transaction id set, grouping the selected rows into families, removing any families having an earliest transaction id that is a proper subset of the transaction id set, inserting an earliest returned before image in a family into the after image table when the last changing transaction id of the family is equal to a current transaction id, and inserting an earliest returned before image in a family into the after image table when the last changing transaction id of the family is a proper subset of the transaction id set and if no after image of the family exists.
Another aspect of the present invention is to provide a method for rollbacking all transactions made in a user session of an active database. The method includes retrieving selected parameters associated with the user session, and retrieving names of the tables used by a user and transaction ids made by the user during a session, in which the session is defined by a user login time and logout time. Further, the method includes retrieving an earliest starting time of the transaction id set, retrieving a latest retention time for all of the tables, determining that the earliest starting time is greater than the latest retention time, and rollbacking the transaction set from the tables.
According to another aspect of the present invention, a system is provided for use with an active database for performing at least one of online selectively rollbacking at least one application table or selected application data in at least one table, creating online point-in-time views of application tables, providing online history images associated with the database, reconstructing equivalent SQL statements of a committed transaction, reconstructing equivalent SQL statements of a user session, and providing a selective audit trail report on demand. The system includes multiple user application after image tables, in which each of the tables has one before image table to store before images, and one after image view. The table is provided that includes a table having a table name field, a retention time field, and an export timestamp field. Further, an image manager is included that creates image views and a rollback manager is provided to manage the first table.
The system may also include a second table that contains fields associated with a user session. Further, the system may include a third table that has fields associated with a transaction id, starting timestamp, and ending timestamp. The image manager further include an inserting trigger that sets parameters for an inserted row in the after image tables, an updating trigger that inserts an original row into a before image table and sets parameters associated with the changed row in the after image tables and the before image tables, and a deleting trigger that inserts the original row into the before image table and sets parameters associated with the changed row in the before image tables. A transaction trigger may be provided that records each transaction id and a login/logout trigger may be provided that records a time when a user enters or exits the database. The after image tables may also include at least one of a timestamp field, user id field, and transaction id field. Further, the rollback manager performs at least one of rollbacking at least one table to a point-in-time, rollbacking selected rows in a single table to a point-in-time, rollbacking a transaction id set in a group of tables, rollbacking all transactions made in a user session, reconstructing equivalent SQL statements of a transaction id set in a group of tables, reconstructing equivalent SQL statements of a user session in a group of tables, and providing a selective audit trail report on demand.
Another aspect of the present invention is to provide a computer readable medium that contains instructions for implementing application tables in a database and tracking images. The instructions include executable instructions for implementing at least one after image table that stores current database images; and a before image table associated with each of the at least one after image table that stores previous images of the current database images. The at least one after image table and the before image table are available for online viewing.
Further, each of the after image tables may include at least one of a timestamp field, a userid field, and a transaction id field. Still further, each of the before image tables includes at least one of a changing timestamp field, a changing userid field, a changing transaction id field, and an opcode. Yet further, each of the before image tables further include a field associated with a field in the associated after image table.
According to another aspect of the present invention, a method is provided for reconstructing equivalent SQL statements of a transaction id set in a group of tables of an active database, in which the database has at least one before image table and at least one after image table. The method includes retrieving an earliest starting time of the transaction id set, retrieving a latest retention time for all related tables, and making a determination that the earliest starting time is greater than the latest retention time. A delete SQL statement is created for each deleted row in each of the before image tables having a changing transaction id that is a proper subset of the transaction id set. An update SQL statement is created using the after image in one of the after image table or the before image table associated thereof by the relation that the timestamp and transaction id of an associated child row are equal to a changing timestamp and changing transaction id of an associated parent row, respectively, for each updated row in each of the before image tables having a changing transaction id that is a proper subset of the transaction id set. An insert SQL statement is created for each row in each of the before image tables having a transaction id that is a proper subset of the transaction id set and an associated timestamp and transaction id do not exist in the before image as the changing timestamp, changing transaction id. An insert SQL statement is created for each row in each of the after image tables having a transaction id that is a proper subset of the transaction id set and an associated timestamp and transaction id do not exist in the before image as the changing timestamp, changing transaction id.
According to another aspect of the present invention, a method is provided for reconstructing equivalent SQL statements of a transaction id set in a group of tables of an active database, in which the database has at least one before image table and at least one after image table. The method includes retrieving an earliest starting time of the transaction id set, retrieving a latest retention time for all related tables, and determining that the earliest starting time is greater than the latest retention time. A delete SQL statement is created for each deleted row in each of the before image tables having a changing transaction id that is a proper subset of the transaction id set. An update SQL statement is created using an after image of an associated child row in one of the after image table or the before image table for each updated row in each of the before image tables having a changing transaction id that is a proper subset of the transaction id set. An insert SQL statement is created for each row without an associated parent row in the each of the before and after image tables having a transaction id that is a proper subset of the transaction id set.
According to another aspect of the present invention, a method is provided for reconstructing equivalent SQL statements of all transactions made in a user session of an active database. The method includes retrieving selected parameters associated with the user session and retrieving names of tables used by a user and transaction ids made by the user during the session, in which the session is defined by a user login time and a user logout time. The method further includes retrieving an earliest starting time of the transaction id set, retrieving a latest retention time for all of the tables, determining that the earliest starting time is greater than the latest retention time, and reconstructing equivalent SQL statements of the transaction id set from the tables.
Another aspect of the present invention is to provide a method for reconstructing equivalent SQL statements of all transactions made in a user session of an active database, in which the database has at least one before image table and at least one after image table. The method includes retrieving selected parameters associated with the user session and retrieving names of tables used by a user during the session, in which the session is defined by a user login time and a user logout time. The method further includes retrieving a latest retention time for all of the tables; and determining that the login time is greater than the latest retention time. A delete SQL statement is created for each deleted row in the before image tables having a changing userid containing a user session id and a changing timestamp between the session starting timestamp and the session ending timestamp. An update SQL statement is created using an after image of an associated child row in one of the after image tables or the before image tables for each updated row in the before image tables having a changing userid containing the user session id and a changing timestamp between the session starting timestamp and the session ending timestamp. An insert SQL statement is created for each row without an associated parent row in each of the before and after image tables having a userid containing the user session id and a timestamp between the session starting timestamp and the session ending timestamp.
According to another aspect of the present invention, a method is provided for creating a selective audit trail report associated with activities of an application database user during a particular period, in which the activities include multiple database sessions. The method includes retrieving userids and unique session ids associated with the user during the period, retrieving names of any tables having any transactions made during the database sessions with one of retrieved unique session ids, retrieving an earliest start time of the sessions, retrieving a latest retention time for all of the tables whose names were retrieved, and making a determination that the starting time is greater than the latest retention time. The method further includes reconstructing equivalent SQL statements for all of the sessions, associating each reconstructed update and delete statement with an associated changing session id, changing timestamp, and changing userid, and adding the changing transaction id to the association if the database provides the user with transaction id tracking. Further, the method includes associating each reconstructed insert statement with an associated session id, timestamp, and userid, and adding the transaction id to the association if the database provides the user with transaction id tracking.
According to another aspect of the present invention, a method is provided for rollbacking transactions made in a user session in a group of tables of an active database, in which the database has at least one before image table and at least one after image table. The method includes retrieving a starting time, an ending time, a unique session id of the user session, retrieving a latest retention time for all of the tables, and making a determination that the starting time is greater than the latest retention time. Further, the method includes locking all tables to be rollbacked, disabling all related integrity constraints, rollbacking the transactions made in the user session in the group of tables, and enabling all related integrity constraints.
The unique session id may include a unique session id provided by a database vendor or may include a session id and the starting timestamp of the session. The method may further include deleting rows from the after image table having a unique session id that is equal to the user session's unique session id and selecting earliest before image rows, having an earliest timestamp, from the before image table having a unique session id that is equal to the user session's unique session id, or having a changing unique session id that is equal to the user session's unique session id. Further, the method may include deleting any after image of a row from the after image table if a unique session id of the row is equal to the user session's unique session id and a changing unique session id of the row is not equal to a current session's unique session id, or deleting any after image of a row from the after image table and inserting a before image from the row into the after image table if the unique session id of the row is not equal to the user session's unique session id set and the changing unique session id is equal to the user session's unique session id.
Further, the method may include deleting rows from the after image table having a unique session id that is equal to the user session's unique session id selecting before image rows and any descendants from the before image table having a unique session id that is equal to the user session's unique session id or having a changing unique session id that is equal to the user session's unique session id, grouping the selected rows into families, and removing any families having an earliest unique session id that is equal to the user session's unique session id. The method may further include inserting an earliest returned before image in a family into the after image table when the last changing unique session id of the family is equal to a current session's unique session id, or inserting an earliest returned before image in the family into the after image table when the last changing unique session id of the family is equal to the user session's unique session id and if no after image of the family exists.
According to the present invention a timestamp field, userid and transaction_id field are added to each application table (i.e., after image table) to record the timestamp, userid and transaction id of the last insert, or update operation on a data row. Additionally, one before image table is created for each user application table. Each before image table includes a changing_timestamp, changing_userid, changing_transaction_id, and opcode field, in addition to the fields of its associated after image table. That is, the term changing used before the field name indicates that it pertains to the operation that moves a before image row from an after image table to the associated before image table. Further, as will be shown, systems are provided to track all before images of user application tables and to set up all new added fields when a user performs an INSERT, UPDATE, or DELETE operation with respect to a row in a table. Also, a system is provided to generate history images of application tables at a point-in-time, to reconstruct the equivalent SQL statements of a committed transaction, to selectively rollback or undo, an entire or a portion of at least one application table, and to manage the before images.
The Rollback Timestamp Tracking Table 341 includes the following fields: owner name, table name, retention time, and export_timestamp. The owner name identifies the owner of the particular table. The table name field identifies the name of the particular table. The retention time field of a table records the earliest time that the before images are kept online. In those database systems where the transaction id is accessible to an application user, the retention time is transaction consistent. All before images of any transaction whose transaction ending time at or after the retention time are kept online. The export_timestamp field records the time of the latest export of older before images. The rollback management system 380 manages the Rollback Timestamp Tracking Table 341. The transaction ID tracking table 342 includes the following fields: transaction id, userid, starting_timestamp and ending_timestamp. The transaction ID tracking data can be created online by the database system, or by an application process. The tracking data can also be created as needed through the image management system 370. Time-based After Image Views 355, 365 and History Image Views 356, 366 are created by the image management system 370.
The user session tracking table 343 includes the following fields: user_id, osuser_id, session_id, process_id, terminal_id, login_timestamp, and logout_timestamp. A login and logout trigger will record each user session in the user session tracking table 343. It is noted that in this document a user_id is defined as a user's database id, whereas userid and changing_userid are comprised of its user_id, process_id and session_id. The osuser_id is a user's operating system id.
An exemplary precision for all timestamps is that no more than one database insert/update/delete operation can be performed in any one time unit on any single data row. The requirement for the timestamp precision is that the timestamp and transaction id pair is unique in any single before image and after image table. For instance, a resolution of one nanosecond may be employed; however, a resolution of microsecond may also be employed, especially using a computer with a relatively slow central processing unit (CPU). In one aspect, the precision requirement can be lowered as long as the timestamp and transaction id pair is a component of a unique key in any single before image and after image table. For most methods of the present invention, the precision requirement can be lowered to no more than one database insert/update/delete operation performed in one time unit in any transaction on any single data row. In an another words, no data row can have more than one database insert/update/delete operation in any one time unit. However, a possible exception to this arises in some databases whose DBMS vendor does not provide users the transaction id access when attempting to obtain the change history of a single row in a table that does not have a unique key.
The transaction ID could use the database transaction id when it is easily accessible as with the Oracle database. Otherwise, the application programs would need to be modified in order to provide a unique id for each transaction.
Each application table (ie., after image tables) 351, 361 includes the following fields: timestamp, userid and transaction_id. A new before image table 353, 363 is created for each user application table, wherein each before image table 353, 363 is comprised of fields changing_timestamp, changing_userid, changing_transaction_id and opcode in addition to the fields of its associated after image table. For instance, the opcode field could be either “U” for an update or “D” for a deletion.
A new after image view 354, 364 is created for each after image table 351, 361 without the newly added fields, with a possible exception of the transaction_id when application programs provide the transaction id. In this case, a user application does not access the after and before image tables directly. Instead, all of their operations are through the after image views 354, 364.
For a user table, three triggers, or equivalent procedures, are employed as follows. The insert trigger sets timestamp, userid and transaction_id fields for a new inserted row in the after image table 351, 361. The update trigger inserts the old row into the associated before image table 353, 363 and sets the changing_timestamp, changing_userid, changing_transaction_id fields and sets the opcode field to “U”. Then, the update trigger sets the old row's timestamp, userid and transaction_id fields to changing_timestamp, changing_userid, changing_transaction_id, respectively, in the after image table 351, 361. The delete trigger inserts the old row into the associated before image table 353, 363 and sets the changing_timestamp, changing_userid, changing_transaction_id fields and sets the opcode field to “D”.
Application audit data is embedded in the before image table 353, 363, the after image tables 351, 361, the Transaction Ids Tracking table 342 and the User Session Tracking Table 343. From these tables, an on demand audit report can be generated as to the database activities of a particular user (including the time in which certain data was added and/or modified and/or deleted by a user), using the same principles of reconstructing equivalent SQL statements of a committed transaction or a user session, as will be discussed and which is depicted in
Xidi={Xid|C(Xid,Ti) is True},
where the function C(Xid,Ti)=true when the transaction begins before or at the time Ti and ends after the time Ti. Also at step 400, a loop is begun by setting the table index to j=1. At step 410, the retention time Trj of table TBj is retrieved from the Rollback Timestamp Tracking Table 341. At step 420, it is determined whether Ti>=Trj. If Ti>=Trj (step 420:YES), then step 420 has a positive result and control is transferred to step 440. At step 440, the point-in-time view of table TBj is set as follows where cXid is a changing_transaction_id:
- Viewj={rows from the after image table whose timestamp<=Ti and Xid Xidi}∪
- {rows from the before image table whose timestamp<=Ti
- and XidXidi and (cXid⊂Xidi or changing_timestamp>Ti)}.
At step 450, a determination is made as to whether all of the tables have been processed. If all of the tables have been processed (step 450:YES), control is transferred to block 470. At this point, all views will either have been created or error messages will have been generated for those tables whose retention time is later than the point-in-time Ti. At step 470, a created point-in-time views'report is generated and the process ends.
Returning now to step 420, if Ti<Trj (step 420:NO), then step 420 has a negative result, and as a result, control is transferred to step 430. At step 430, an error message is generated and logged. Then, at step 460, the table index j is incremented by 1. Afterward, the control returns to step 410 to begin processing a new table.
If all tables have not been processed (step 450:NO), then the control transfers to step 460. At step 460, the table index j is incremented by 1, and subsequently, control returns to step 410 to create a point-in-time view for the next table.
Xidi={Xid|C(Xid,Ti) is True},
where the function C(Xid,Ti)=true when the transaction begins before or at the time Ti and ends after the time Ti.
At step 540, all of the tables are locked in anticipation of being rollbacked and all related integrity constraints are disabled. Also, a loop is begun by setting a table index to j=1. At step 550, rows are deleted from the after image table whose timestamp>Ti or Xid⊂Xidi. In addition, control inserts into the after image table, rows from the before image table whose timestamp<=Ti and XidXidi and (cXid⊂Xidi or changing_timestamp>Ti).
At step 570, a determination is made as to whether all of the tables have been processed. If all tables have been processed (step 570:YES), then control is transferred to step 580. At this time, all of the tables to be rollbacked will have been rollbacked to the time Ti. At step 580, all related integrity constraints are enabled. If there are any errors, a SQL rollback command is issued to rollback the rollback. Also at step 580, all of the rollbacked tables are unlocked. At step 590, a final rollbacking tables to point-in-time report is generated and the process ends.
If any Tr>Ti, has a positive result (step 510:YES), then control transfers to step 520. At step 520 an error message is logged. Then, at step 590, an error report is generated and the process ends.
If it is determined at step 570 that all tables have not been processed (step 570=NO), then control is transferred to step 560. At step 560, the table index j is incremented by 1. Afterward, the control returns to step 550 to begin processing a new table to be rollbacked to the point-in-time Ti.
Xidi={Xid|C(Xid,Ti) is True},
where the function C(Xid,Ti)=true when the transaction begins before or at the time Ti and ends after the time Ti.
At step 610, the table is locked and all related integrity constraints are disabled. At step 620, the retention time Tr of the table is obtained from the Rollback Timestamp Tracking Table 341. At step 630, a determination is made as to whether Ti>=Tr. If step 630 has a positive result (step 630:YES), then control is transferred to step 650. At step 650, selected rows are deleted from the after image table whose timestamp>Ti or Xid⊂Xidi. In addition, control inserts into the after image table selected rows from the before image table whose timestamp<=Ti and XidXidi and (cXid⊂Xidi or changing_timestamp>Ti).
At this time, the selected rows of the table have been rollbacked to the time Ti or an error message is logged. At step 660, all related integrity constraints are enabled. If there are any errors, a SQL rollback command is issued to rollback the rollback. Also at step 660, the table is unlocked. At step 670, a final report of rollbacking selected rows in the table to point-in-time is generated and the process ends.
Returning now to step 630, if Ti>=Tr (step 630:NO), then step 630 has a negative result, and consequently, control is transferred to step 640. At step 640, an error message is logged and generated. Then, at step 660, all related integrity constraints are enabled and the table is unlocked. At step 670, an error message report is generated and the process ends.
At step 760, the transaction set Xids is rollbacked from the table TBj. Unlike rollbacking a new uncommitted transaction, the rollbacking of existing transactions is more complicated. For example, the data processed by the existing transactions may involve more transactions at later times. The logic of step 760 will be discussed below with respect to
At step 770, a determination is made as to whether all of the tables have been processed. If all tables have been processed (step 770:YES), then control is transferred the control to step 780. At this time, all transactions in the transaction id set Xids will have been rollbacked. At step 780, all related integrity constraints are enabled. If there are any errors, a SQL rollback command is issued to rollback the rollback. Also at step 780, the tables are unlocked. At step 790, a final transaction rollbacking report is generated and the process ends.
If it is determined at step 770 that all tables have not been processed (step 770:NO), then control is transferred to step 750. At step 750, the table index is incremented by 1. Then, control is transferred to step 760 where the transaction set Xids will be rollbacked from a new table.
Returning now to step 720, if Tts<=Trs, (step 720:NO), control is transferred to step 730. At step 730, an error message is logged. Then, an error message report is generated at step 790 and the process ends.
The two different business rules, referred to above, for rollbacking an existing committed transaction set Xids are the earliest transaction rule and the last transaction rule. More specifically, if the last transaction of a data rowXids, the after image of the latest transaction will stay after rollbacking the old transaction set Xids. If the last transaction of a data row⊂Xids, control will remove the after image of the last transaction from the after image table and insert into the after image table the before image of the earliest operation of the old transaction set Xids. This rule is referred to as the last transaction rule.
An alternative rule is referred to as the earliest transaction rule. Specifically, the earliest transaction rule ignores any later transaction. That is, all data rows on which the old transaction set Xids executed will be restored to the before image of the earliest operation of the old transaction set Xids.
The before image of a data row is the parent of the after image of the data row at the same transaction, and conversely, the after image is the child of the before image. Further, all of the data images can be grouped into data row families. Specifically, each data row family consists of zero or one after image and zero or more before images linked by an ancestral relationship. Moreover, each data row family can contain one or more life cycles. A life cycle begins when the data row is inserted into an after image table. The newly inserted after image is the oldest ancestor of this life cycle. Each updating on the data row generates a new child in the after image table and puts its parent into the before image table. The deletion of the data row marks the end of the life cycle and puts the youngest descendant of this life cycle into the before image table. When the data row is reinserted into the after image table, a new life cycle of the same data row family begins. The selected earliest before image of a data row is the oldest ancestor for the data row, in which one transaction in the transaction set Xids was executed.
Referring again to step 7602E, there is no more than one before image row returned for each data row family. Also at step 7602E, n is set to the number of returned rows and a returned row index is set to k=0. At step 7603, a determination is made as to whether n=0. If n is not equal to 0 (step 7603:NO), then control is transferred to step 7604. At step 7604, a loop is begun by starting the data row index at 1, i.e., k=k+1.
At step 7605E, the transaction set Xids on the data row k in the table TBj is rollbacked. If the returned transaction id Xid (k) of the row k⊂Xids and the changing transaction id cXid (k) is not equal to Xidrs, any after image of the row k from the after image table TBj is deleted, if it exists. Xidrs is the current transaction id. If the returned transaction Xid(k)Xids and the changing transaction id cXid(k)⊂Xids, any after image of the row k is deleted from the after image table TBj, if it exists. Also, the returned before image of the row k is inserted into the after image table TBj.
At step 7606, a determination is made as to whether all returned rows have been processed. If all of the returned rows have been processed (k>=n), then control is transferred to step 770 in
At step 7602L, before image rows from the before image table TBj are selected whose (Xid⊂Xids or cXid⊂Xids) as well as their descendants and group returned rows into families. Further, those families are removed whose earliest transaction Xid⊂Xids. Also, n is set to the number of remaining families and a returned family index is set to k=0. If n is not equal to 0 (step 7603:NO), then control is transferred to step 7604. At step 7604, a loop is begun by starting the data row family index to 1, i.e., k=k+1.
At step 7605L, the transaction set Xids is rollbacked on the data row family k in the table TBj. If the earliest transaction Xid(k)Xids and the last transaction cXid (k)=Xidrs, the earliest returned before image in the family k is inserted into the after image table TBj. Xidrs is the current rollbacking transaction id. If the earliest transaction Xid(k)Xids and the last transaction cXid(k)⊂Xids and no after image of the family k exists in the after image table TBj, the earliest returned before image in the family k is inserted into the after image table TBj.
At step 7606, a determination is made as to whether all returned data row families have been processed. If all of the returned data row families have been processed (k>=n), then control is transferred to step 770 in
The application data recovery to a point-in-time is faster and more efficient, and operates without using any log, incremental or delta backup image (i.e., full backup+incremental backup+log). The primary database provides any time image backup to the minimum retention period of all user tables. For a media failure, the database can be recovered from a backup copy of the database and log files. The application's errors and users' errors can be recovered online if the error occurred inside the retention period. If the point-in-time is outside of the minimum retention period, one can, for example, load the related before image tables to the primary or a secondary database from export files or set up a database instance using a backup image that covers the point-in-time. Since the backup strategies provide 100% redundancies, one can choose the backup image whose backup time is larger than any closest to the point-in-time.
At step 1100, a data row set DRSi is obtained by getting the union of two set of rows as follows:
- DRSi={Zero or one Selected Row from the after image table}∪{Zero or more Selected Rows from the before image table whose opcode is “D”}.
The returned row from the after image table represents the current life cycle, while the return row(s) from the before image table represent past life cycles.
At step 1110, a determination is made as to whether the set DRSi is empty. If the set DRSi is not empty (step 1110:NO), then step 1110 has a negative result and control is transferred to step 1120. At step 1120, a row index is set to j=0 and a row processing loop is begun. At step 1140, the row index is set to j=j+1, starting the row index at 1. Also, for the row Rj in the set DRSi, step 1140 recursively finds all rows whose changing_timestamp and changing_Xid equals the previous row's timestamp and Xid respectively. Then, the result is added to the final report.
At step 1150, a determination is made as to whether all of the rows in the DRSi have been processed. If all of the rows in the set DRSi have been processed (step 1150:YES), then step 1150 transfers control to step 1160. At this point, either the history of a single data row is obtained or an error message has been generated. At step 1160, a final history report is generated and the process ends. If all of the rows are determined not to have been processed at step 1150 (step 1150:NO), then step 1150 has a negative result and the control transfers back to step 1140 to process the next row.
If the set DRSi is empty (step 1110:YES), then step 1110 has a positive result, and control is transferred to step 1130. At step 1130, an error message is logged. Then, at step 1160, an error message is generated and the process ends.
At step 1200, the earliest starting time Tts of the transaction set Xids is obtained from the Transaction Ids Tracking Table 342. At step 1210, the latest retention time Trs of all tables related to the transaction set from the Rollback Timestamp Tracking Table 341 is obtained. At step 1220, a determination is made as to whether Tts>Trs. If step 1220 has a positive result (step 1220:YES), then control transfers to step 1240. At step 1240, a table index is set to j=1.
At step 1250, a loop is begun by starting the table index at 1. For each row in the before image table TBj whose opcode=D and cXid⊂Xids, a delete SQL statement is created. For each row in the before image table TBj whose opcode=U and cXid⊂Xids, an update SQL statement is created using the after image either in the after image table or the before image table connecting by whose (changing_timestamp, cXid)=(timestamp, Xid) in an after image row or a before image row. If the after image view has a unique key then the where clauses of the equivalent update and delete SQL statement use the unique key. Otherwise the where clause will use the full-before image of all columns of the after image view.
For each row in the before image table whose Xid⊂Xids and (timestamp, Xid) does exist in the before image as (changing_timestamp, cXid), an insert SQL statement is created. For each row in the after image table whose Xid⊂Xids and (timestamp, Xid) does not exist in the before image as (changing_timestamp, cXid), an insert SQL statement is created.
At step 1260, a determination is made as to whether all of the tables have been processed. If all tables have been processed (step 1260:YES), then control is transferred the control to step 1280. At this time, all equivalent SQL statements of the transaction id set Xids will have been reconstructed. At step 1280, the SQL statements are sorted based on the transaction timestamp and grouped by the transaction. At step 1290, a final reconstruction of equivalent SQL statements of the transaction set report is generated and the process ends.
If it is determined at step 1260 that all tables have not been processed (step 1260:NO), then control is transferred to step 1270. At step 1270, the table index is incremented by 1. Then, control is transferred to step 1250 where the equivalent SQL statements of the transaction set Xids will be reconstructed from a new table.
Returning now to step 1220, if Tts<=Trs, (step 1220:NO), control is transferred to step 1230. At step 1230, an error message is logged. Then, an error message report is generated at step 1290 and the process ends.
Inserting and deleting are only two data operations used in the application data recovery according to the principles of the present invention. The recovery operation also relates to undoing previous changes. The committed recovery operation can be undone as well. That is, in order to reapply or redo the previous changes, the recovery transactions are recovered again by rollbacking the recovery transactions, as illustrated in
It is noted that the before image tables do not protect the after image tables from being dropped or truncated or altered. Therefore, to prevent an application administrator from accidentally dropping or truncating or altering the after images and before images tables, the rollback management system 380 has a trigger for table dropping and altering and another trigger for table truncating, if the database vendor provides the table truncation functionality. If a table is under the control of the rollback management system 380, the triggers will prevent the table from being dropped or truncated or altered. However, if the application administrator wants to truncate or drop or alter the table, the administrator needs to export both the before and after image tables first, and then disable the triggers, in order to truncate or drop or alter the table. Depending on what the administrator wants to do with the table, the administrator may need to perform some database management duties.
That is, before an application administrator imports any after image table into the database, the administrator needs to make sure that the before image table will be consistent with the after image table after the import operation. The inserting trigger will be disabled during the import operation unless the imported data are new. The exported after image and before image tables can be imported to a new database. The inserting trigger will be disabled during the import operation in the new database.
Referring again to
The embodiment discussed until now may generally be referred to as transaction consistent with user tracking. According to an alternative embodiment of the present invention, all user information fields (userid, and changing_userid) may be removed from the after and before image tables. This embodiment, also referred to as a transaction consistent embodiment, maintains all of the functionalities of the embodiment discussed above, except as to the user tracking-related functionalities. That is, the transaction consistent embodiment may be desirable for those applications where user tracking is not important.
An application data recovery is more complicated than the rollback of an uncommitted transaction. When a user rollbacks an uncommitted transaction, no one can see the results of the transaction, except if the application is using a so-called dirty reading mode. Although a committed transaction can be rollbacked, it is almost impossible to rollback any committed transaction without leaving some impacts of rollbacked transactions intact. However, there is no tracking system to monitor which following transaction used the result of the transaction. Therefore, the application data recovery may involve other remedies as well.
If the boundary of committed transactions can be broken in the application recovery, then another embodiment of the present invention removes all the transaction id fields in the before and after image tables. This embodiment may be suitable for those applications whose database vendor does not provide easily accessible transaction id information and whose users cannot or do not want to change the application to provide an unique transaction id for each transaction. This embodiment inherits all functionalities discussed previously, except for rollbacking a selected transaction set. In this case, the crossing transaction set Xidi would be set to empty.
Transaction free time zones exist in almost all database applications. In this regard, the point-in-time may reside in a transaction free zone. In another embodiment, transaction consistent point-in-time views may be provided for generating summary reports, such as daily, monthly, quarterly, and yearly reports. To provide transaction consistent point-in-time views for those reports, the database administrator will set up some transaction free zones at predetermined times, (e.g., midnight, 0200 hours, etc.), lasting a few seconds each. In this way, the daily, monthly, quarterly, and yearly reports can be generated based on transaction consistent point-in-time views, referred to as a time-based embodiment with user tracking.
Another alternative embodiment is to remove all user information fields (userid, and changing_userid) in the after and before image tables of the time-based embodiment with user tracking, i.e., the time-based embodiment without user tracking. This embodiment has all the functionalities of the time-based embodiment with user tracking, except for the user tracking related functionality. This embodiment may be desirable for applications with no need to track users and whose database vendor does not provide easily accessible transaction id information, and whose users cannot or do not want to change the application to provide an unique transaction id for each transaction.
The userid and changing_userid in the above embodiments can be replaced by a session_id and a changing_session_id respectively; however, the associated functionality remains the same. The userid and changing_userid can obtained by joining the User Session Table 343. The session_id and changing_session_id are exchangeable with the userid and changing_userid in the following discussion of reconstructing the equivalent SQL statements of a user session and rollbacking a user session.
To facilitate the discussion, we create an in Session function to test whether or not a user execution belong to a session. The function in Session(sid, starting_timestamp, ending_timestamp, userid, timestamp) is true when the user id userid contains the session id (sid) and the user execution timestamp is larger or equal to the session starting_timestamp and the timestamp is less or equal to the session ending_timestamp. If the database vendor provides a unique session id over whole database life cycle, then the in Session function would be much simpler.
At step 1300, the starting time Tts, the ending time Tte and the session id sid of a user session are obtained from the User Session Tracking Table 343. At step 1310, the latest retention time Trs of all tables related to the user session from the Rollback Timestamp Tracking Table 341 is obtained. At step 1320, a determination is made as to whether Tts>Trs. If step 1320 has a positive result (step 1320:YES), then control transfers to step 1340. At step 1340, a table index is set to j=1.
At step 1350, a loop is begun by starting the table index at 1. For each row in the before image table TBj whose opcode=D and in Session(sid, Tts, Tte, changing_userid, changing_timestamp)=true, a delete SQL statement is created. For each row in the before image table TBj whose opcode=U and in Session(sid, Tts, Tte, changing_userid, changing_timestamp)=true, an update SQL statement is created using the after image of its child either in the after image table or the before image table. The parent's (changing_timestamp, changing_userid)=child's (timestamp, userid). If the after image view has a unique key, then the where clauses of the equivalent update and delete SQL statement use the unique key. Otherwise the where clause will use the full before image of all columns of the after image view.
For each parentless row in the before image table and the after image table whose in Session(sid, Tts, Tte, userid, timestamp)=true, an insert SQL statement is created. A row is parentless if its (timestamp, userid) does exist in the before image as (changing_timestamp, changing_userid).
At step 1360, a determination is made as to whether all of the tables have been processed. If all tables have been processed (step 1360:YES), then control is transferred the control to step 1380. At this time, all equivalent SQL statements of the user session will have been reconstructed. At step 1380, the SQL statements are sorted based on the transaction timestamp. At step 1390, a final reconstruction of equivalent SQL statements of the user session report is generated and the process ends.
If it is determined at step 1360 that all tables have not been processed (step 1360:NO), then control is transferred to step 1370. At step 1370, the table index is incremented by 1. Then, control is transferred to step 1350 where the equivalent SQL statements of the user session will be reconstructed from a new table.
Returning now to step 1320, if Tts<=Trs, (step 1320:NO), control is transferred to step 1330. At step 1330, an error message is logged. Then, an error message report is generated at step 1390 and the process ends.
At step 1460, the user session is rollbacked from the table TBj. Unlike rollbacking a new uncommitted transaction, the rollbacking of existing transactions is more complicated. For example, the data processed by the existing transactions may involve more transactions at later times. The logic of step 1460 will be discussed below with respect to
At step 1470, a determination is made as to whether all of the tables have been processed. If all tables have been processed (step 1470:YES), then control is transferred the control to step 1480. At this time, all transactions in the user session will have been rollbacked. At step 1480, all related integrity constraints are enabled. If there are any errors, a SQL rollback command is issued to rollback the rollback. Also at step 1480, the tables are unlocked. At step 1490, a final user session transaction rollbacking report is generated and the process ends.
If it is determined at step 1470 that all tables have not been processed (step 1470:NO), then control is transferred to step 1450. At step 1450, the table index is incremented by 1. Then, control is transferred to step 1460 where the user session will be rollbacked from a new table.
Returning now to step 1420, if Tts<=Trs, (step 1420:NO), control is transferred to step 1430. At step 1430, an error message is logged. Then, an error message report is generated at step 1490 and the process ends.
Referring again to step 14602E, there is no more than one before image row returned for each data row family. Also at step 14602E, n is set to the number of returned rows and a returned row index is set to k=0. At step 14603, a determination is made as to whether n=0. If n is not equal to 0 (step 14603:NO), then control is transferred to step 14604. At step 14604, a loop is begun by starting the data row index at 1, i.e., k=k+1.
At step 14605E, the transactions executed in the user session on the data row k in the table TBj are rollbacked. If the returned row k has in Session(sid, Tts, Tte, userid, timestamp)=true and (changing_userid, changing_timestamp) is not in the current session, any after image of the row k from the after image table TBj is deleted, if it exists. If the returned row k has in Session(sid, Tts, Tte, userid, timestamp)=false and in Session(sid, Tts, Tte, changing_userid, changing_timestamp)=true, any after image of the row k is deleted from the after image table TBj, if it exists. Also, the returned before image of the row k is inserted into the after image table TBj.
At step 14606, a determination is made as to whether all returned rows have been processed. If all of the returned rows have been processed (k>=n), then control is transferred to step 1470 in
At step 14602L, before image rows from the before image table TBj are selected whose in Session(sid, Tts, Tte, userid, timestamp)=true or in Session(sid, Tts, Tte, changing_userid, changing_timestamp)=true as well as their descendants and group returned rows into families. Further, those families are removed whose earliest transaction has in Session(sid, Tts, Tte, userid, timestamp)=true. Also, n is set to the number of remaining families and a returned family index is set to k=0. If n is not equal to 0 (step 14603:NO), then control is transferred to step 14604. At step 14604, a loop is begun by starting the data row family index to 1, i.e., k=k+1.
At step 14605L, the transactions executed in the user session are rollbacked on the data row family k in the table TBj. If the last transaction is executed in the current session, the earliest returned before image in the family k is inserted into the after image table TBj. If the last transaction has in Session(sid, Tts, Tte, changing_userid, changing_timestamp)=true and no after image of the family k exists in the after image table TBj, the earliest returned before image in the family k is inserted into the after image table TBj.
At step 14606, a determination is made as to whether all returned data row families have been processed. If all of the returned data row families have been processed (k>=n), then control is transferred to step 1470 in
Thus, an online method is provided for efficiently identifying the scope and timeframe of database errors, providing online history images, reconstructing the equivalent SQL statements of a committed transaction id set, reconstructing the equivalent SQL statements of a user session, providing a selective audit trail report on demand, and permitting selective online rollbacks in an application database. The rollback can be done on a single row, a single transaction, a group transactions, a user session, and/or on all user tables.
Although the invention has been described with reference to several exemplary embodiments, it is understood that the words that have been used are words of description and illustration, rather than words of limitation. Changes may be made within the purview of the appended claims, as presently stated and as amended, without departing from the scope and spirit of the invention in its aspects. Although the invention has been described with reference to particular means, materials and embodiments, the invention is not intended to be limited to the particulars disclosed; rather, the invention extends to all functionally equivalent structures, methods, and uses such as are within the scope of the appended claims.
In accordance with various embodiments of the present invention, the methods described herein are intended for operation as software programs running on one or more computer processors. Dedicated hardware implementations including, but not limited to, application specific integrated circuits, programmable logic arrays and other hardware devices can likewise be constructed to implement the methods described herein. Furthermore, alternative software implementations including, but not limited to, distributed processing or component/object distributed processing, parallel processing, or virtual machine processing can also be constructed to implement the methods described herein.
It should also be noted that the software implementations of the present invention as described herein are optionally stored on a tangible storage medium, such as: a magnetic medium such as a disk or tape; a magneto-optical or optical medium such as a disk; or a solid state medium such as a memory card or other package that houses one or more read-only (non-volatile) memories, random access memories, or other re-writable (volatile) memories. A digital file attachment to email or other self-contained information archive or set of archives is considered a distribution medium equivalent to a tangible storage medium. Accordingly, the invention is considered to include a tangible storage medium or distribution medium, as listed herein and includes art-recognized equivalents and successor media, in which the software implementations are stored.
Although the present specification describes components and functions implemented in the embodiments with reference to particular standards and protocols, the invention is not limited to such standards and protocols. For instance, such standards are periodically superceded by faster or more efficient equivalents having essentially the same functions. Accordingly, replacement standards and protocols having the same functions are considered equivalents.
Claims
1. A method of creating an online point-in-time view of an application table of an active database having at least one before image table and at least one after image table, the method comprising:
- retrieving a retention time of the application table;
- determining that a point-in-time is greater to or equal than the retention time; and
- creating the point-in-time view of the application table, the view comprising a union of a set of rows from the after image table having a timestamp less than or equal to the point-in-time and a set of rows from the before image table having a timestamp less than or equal to the point-in-time and having a changing timestamp greater than the point-in-time.
2. A method of creating an online point-in-time view of an application table of an active database having at least one before image table and at least one after image table, the method comprising:
- retrieving a transaction id set associated with a transaction id that begins before or at a point-in-time and ends after the point-in-time;
- retrieving a retention time of the application table;
- determining that the point-in-time is greater than or equal to the retention time; and
- creating the point-in-time view of the application table, the view comprising a union of a set of rows from the after image table having a timestamp that is less than or equal to the point-in-time and having a transaction id that is not a proper subset of the transaction id set, and a set of rows from the before image table having a timestamp less than or equal to the point-in-time, and having a transaction id that is not a proper subset of the transaction id set, and having a changing transaction id that is a proper subset of the transaction id set or having a changing timestamp that is greater than the point-in-time.
3. A method of rollbacking at least one table of an active database to a point-in-time, having at least one before image table and at least one after image table, the method comprising:
- retrieving a retention time for each of the at least one table;
- determining that none of the retention times for the at least one table is greater than the point-in-time;
- locking all tables to be rollbacked and disabling all related integrity constraints;
- deleting rows from each of the at least one after image table having a timestamp greater than the point-in-time;
- inserting into each of the at least one after image table, rows from the associated before image table having a timestamp less than or equal to the point-in-time and having a changing timestamp greater than the point-in-time; and
- enabling all related integrity constraints.
4. A method of rollbacking at least one table of an active database to a point-in-time, having at least one before image table and at least one after image table, the method comprising:
- retrieving a retention time for each of the at least one table;
- determining that none of the retention times for each of the at least one table is greater than the point-in-time;
- retrieving a transaction id set associated with a transaction id that begins before or at the point-in-time and ends after the point-in-time;
- locking all tables to be rollbacked and disabling all related integrity constraints;
- deleting rows from each of the at least one after image table having a timestamp greater than the point-in-time or having a transaction id that is a proper subset of the transaction id set;
- inserting into each of the at least one after image table, rows from the associated before image table having a timestamp less than or equal to the point-in-time and having a transaction id that is not a proper subset of the transaction id set, and having a changing transaction id that is a proper subset of the transaction id set or having a changing timestamp that is greater than the point-in-time; and
- enabling all related integrity constraints.
5. A method of rollbacking selected rows in a table of an active database to a point-in-time, the database having at least one before image table and at least one after image table, the method comprising:
- retrieving a retention time of the table;
- determining that the point-in-time is greater than or equal to the retention time;
- locking the table to be rollbacked and disabling all related integrity constraints;
- deleting selected rows from the after image table having a timestamp greater than the point-in-time;
- inserting into the after image table, selected rows from the before image table having a timestamp less than or equal to the point-in-time and having a changing timestamp that is greater than the point-in-time; and
- enabling all related integrity constraints.
6. A method of rollbacking selected rows in a table of an active database to a point-in-time, the database having at least one before image table and at least one after image table, the method comprising:
- retrieving a transaction id set associated with a transaction id that begins before or at the point-in-time and ends after the point-in-time;
- retrieving a retention time of the table;
- determining that the point-in-time time is greater than or equal to the retention time;
- locking the table to be rollbacked and disabling all related integrity constraints;
- deleting selected rows from the after image table having a timestamp greater than the point-in-time or having a transaction id that is a member of the transaction id set;
- inserting into the after image table, selected rows from the before image table having a timestamp that is less than or equal to the point-in-time and having a transaction id that is not a proper subset of the transaction id set, and having a changing transaction id that is a proper subset of the transaction id set or having a changing timestamp that is greater than the point-in-time; and
- enabling all related integrity constraints.
7. A method of obtaining a history of a single data row of a table of an active database, the database having at least one before image table and at least one after image table, the method comprising:
- retrieving a data row set comprising the union of zero or one selected row from the after image table and zero or more selected deleted rows from the before image table;
- determining that the data row set is not empty; and
- recursively finding all associated parent rows for each data row in the data row set.
8. The method according to claim 7, wherein the finding comprises recursively finding all rows having a changing timestamp that equals a previous row's timestamp, the previous row being associated with the rows.
9. The method according to claim 7, wherein the finding comprises recursively finding all rows having a changing timestamp and a changing transaction id that equals a previous row's timestamp and transaction id, the previous row being associated with the rows.
10. A method of rollbacking a transaction id set in a group of tables of an active database, the database having at least one before image table and at least one after image table, the method comprising:
- retrieving an earliest starting time of the transaction id set;
- retrieving a latest retention time for all of the tables;
- determining that the earliest starting time is greater than the latest retention time;
- locking all tables to be rollbacked and disabling all related integrity constraints;
- rollbacking the transaction id set in the group of tables; and
- enabling all related integrity constraints.
11. The method according to claim 10, further comprising:
- deleting rows from the after image table having a transaction id that is a member of the transaction id set;
- selecting earliest before image rows from the before image table having a transaction id that is a proper subset of the transaction id set, or having a changing transaction id that is a proper subset of the transaction id set, having an earliest timestamp;
- deleting any after image of a row from the after image table when a transaction id of the row is a proper subset of the transaction id set and a changing transaction id of the row is not equal to a current transaction id; and
- deleting any after image of a row from the after image table and inserting a before image from the row into the after image table when the transaction id of the row is not a proper subset of the transaction id set and the changing transaction id is a proper subset of the transaction id set.
12. The method according to claim 10, further comprising:
- deleting rows from the after image table having a transaction id that is a member of the transaction id set;
- selecting before image rows and any descendants from the before image table having a transaction id that is a proper subset of the transaction id set or having a changing transaction id that is a proper subset of the transaction id set;
- grouping the selected rows into families;
- removing any families having an earliest transaction id that is a proper subset of the transaction id set;
- inserting an earliest returned before image in a family into the after image table when the last changing transaction id of the family is equal to a current transaction id; and
- inserting an earliest returned before image in a family into the after image table when the last changing transaction id of the family is a proper subset of the transaction id set and if no after image of the family exists.
13. A method of rollbacking all transactions made in a user session of an active database, the method comprising:
- retrieving selected parameters associated with the user session;
- retrieving names of the tables used by a user and transaction ids made by the user during a session, the session being defined by a user login time and logout time;
- retrieving an earliest starting time of the transaction id set;
- retrieving a latest retention time for all of the tables;
- determining that the earliest starting time is greater than the latest retention time; and
- rollbacking the transaction set from the tables.
14. A system for use with an active database for performing at least one of online selectively rollbacking at least one application table or selected application data in at least one table, creating online point-in-time views of application tables, providing online history images associated with the database, reconstructing equivalent SQL statements of a committed transaction, reconstructing equivalent SQL statements of a user session, and providing a selective audit trail report on demand, the system comprising:
- a plurality of user application after image tables, wherein each of the tables has one before image table to store before images, and one after image view;
- a table comprising a table name field, a retention time field, and an export timestamp field;
- an image manager that creates image views; and
- a rollback manager that manages the first table.
15. The system according to claim 14, further comprising a second table including fields associated with a user session.
16. The system according to claim 14, further comprising a third table including fields associated with a transaction id, starting timestamp, and ending timestamp.
17. The system according to claim 14, the image manager further comprising:
- an inserting trigger that sets parameters for an inserted row in the after image tables;
- an updating trigger that inserts an original row into a before image table and sets parameters associated with the changed row in the after image tables and the before image tables; and
- a deleting trigger that inserts the original row into the before image table and sets parameters associated with the changed row in the before image tables.
18. The system according to claim 17, further comprising:
- a transaction trigger that records each transaction id.
19. The system according to claim 17, further comprising:
- a login/logout trigger that records a time when a user enters or exits the database.
20. The system according to claim 14, the after image tables further comprising at least one of a timestamp field, user id field, and transaction id field.
21. The system according to claim 14, wherein the rollback manager performs at least one of rollbacking at least one table to a point-in-time, rollbacking selected rows in a single table to a point-in-time, rollbacking a transaction id set in a group of tables, rollbacking all transactions made in a user session, reconstructing equivalent SQL statements of a transaction id set in a group of tables, reconstructing equivalent SQL statements of a user session in a group of tables, and providing a selective audit trail report on demand.
22. A computer readable medium containing instructions for implementing application tables in a database and tracking images, wherein the instructions comprise executable instructions for implementing:
- at least one after image table that stores current database images; and
- a before image table associated with each of the at least one after image table that stores previous images of the current database images,
- wherein the at least one after image table and the before image table are available for online viewing.
23. The computer readable medium according to claim 22, wherein each of the at least one after image tables further comprise at least one of a timestamp field, a userid field, and a transaction id field.
24. The computer readable medium according to claim 22, wherein each of the before image tables further comprise at least one of a changing timestamp field, a changing userid field, a changing transaction id field, and an opcode.
25. The computer readable medium according to claim 22, wherein each of the before image tables further comprise a field associated with a field in the associated after image table.
26. A method of reconstructing equivalent SQL statements of a transaction id set in a group of tables of an active database, the database having at least one before image table and at least one after image table, the method comprising:
- retrieving an earliest starting time of the transaction id set;
- retrieving a latest retention time for all related tables;
- determining that the earliest starting time is greater than the latest retention time;
- creating a delete SQL statement for each deleted row in each of the before image tables having a changing transaction id that is a proper subset of the transaction id set;
- creating an update SQL statement using the after image in one of the after image table or the before image table associated thereof by the relation that the timestamp and transaction id of an associated child row are equal to a changing timestamp and changing transaction id of an associated parent row, respectively, for each updated row in each of the before image tables having a changing transaction id that is a proper subset of the transaction id set;
- creating an insert SQL statement for each row in each of the before image tables having a transaction id that is a proper subset of the transaction id set and an associated timestamp and transaction id do not exist in the before image as the changing timestamp, changing transaction id; and
- creating an insert SQL statement for each row in each of the after image tables having a transaction id that is a proper subset of the transaction id set and an associated timestamp and transaction id do not exist in the before image as the changing timestamp, changing transaction id.
27. A method of reconstructing equivalent SQL statements of a transaction id set in a group of tables of an active database, the database having at least one before image table and at least one after image table, the method comprising:
- retrieving an earliest starting time of the transaction id set;
- retrieving a latest retention time for all related tables;
- determining that the earliest starting time is greater than the latest retention time;
- creating a delete SQL statement for each deleted row in each of the before image tables having a changing transaction id that is a proper subset of the transaction id set;
- creating an update SQL statement using an after image of an associated child row in one of the after image table or the before image table for each updated row in each of the before image tables having a changing transaction id that is a proper subset of the transaction id set; and
- creating an insert SQL statement for each row without an associated parent row in each of the before and after image tables having a transaction id that is a proper subset of the transaction id set.
28. A method of reconstructing equivalent SQL statements of all transactions made in a user session of an active database, the method comprising:
- retrieving selected parameters associated with the user session;
- retrieving names of tables used by a user and transaction ids made by the user during the session, the session being defined by a user login time and a user logout time;
- retrieving an earliest starting time of the transaction id set;
- retrieving a latest retention time for all of the tables;
- determining that the earliest starting time is greater than the latest retention time; and
- reconstructing equivalent SQL statements of the transaction id set from the tables.
29. A method of reconstructing equivalent SQL statements of all transactions made in a user session of an active database, the database having at least one before image table and at least one after image table, the method comprising:
- retrieving selected parameters associated with the user session;
- retrieving names of tables used by a user during the session, the session being defined by a user login time and a user logout time;
- retrieving a latest retention time for all of the tables;
- determining that the login time is greater than the latest retention time;
- creating a delete SQL statement for each deleted row in the before image tables having a changing userid containing a user session id and a changing timestamp between the session starting timestamp and the session ending timestamp;
- creating an update SQL statement using an after image of an associated child row in one of the after image tables or the before image tables for each updated row in the before image tables having a changing userid containing the user session id and a changing timestamp between the session starting timestamp and the session ending timestamp; and
- creating an insert SQL statement for each row without an associated parent row in each of the before and after image tables having a userid containing the user session id and a timestamp between the session starting timestamp and the session ending timestamp.
30. A method of creating a selective audit trail report associated with activities of an application database user during a particular period, the activities including a plurality of database sessions, the method comprising:
- retrieving userids and unique session ids associated with the user during the period;
- retrieving names of any tables having any transactions made during the database sessions with one of retrieved unique session ids;
- retrieving an earliest start time of the sessions;
- retrieving a latest retention time for all of the tables whose names were retrieved;
- determining that the starting time is greater than the latest retention time;
- reconstructing equivalent SQL statements for all of the sessions;
- associating each reconstructed update and delete statement with an associated changing session id, changing timestamp, and changing userid, and adding the changing transaction id to the association if the database provides the user with transaction id tracking; and
- associating each reconstructed insert statement with an associated session id, timestamp, and userid, and adding the transaction id to the association if the database provides the user with transaction id tracking.
31. A method of rollbacking transactions made in a user session in a group of tables of an active database, the database having at least one before image table and at least one after image table, the method comprising:
- retrieving a starting time, an ending time, a unique session id of the user session;
- retrieving a latest retention time for all of the tables;
- determining that the starting time is greater than the latest retention time;
- locking all tables to be rollbacked and disabling all related integrity constraints;
- rollbacking the transactions made in the user session in the group of tables; and
- enabling all related integrity constraints.
32. The method according to claim 31, wherein the unique session id comprises a unique session id provided by a database vendor.
33. The method according to claim 31, wherein the unique session id comprises a session id and the starting timestamp of the session.
34. The method according to claim 31, further comprising:
- deleting rows from the after image table having a unique session id that is equal to the user session's unique session id;
- selecting earliest before image rows, having an earliest timestamp, from the before image table having a unique session id that is equal to the user session's unique session id, or having a changing unique session id that is equal to the user session's unique session id;
- deleting any after image of a row from the after image table if a unique session id of the row is equal to the user session's unique session id and a changing unique session id of the row is not equal to a current session's unique session id; and
- deleting any after image of a row from the after image table and inserting a before image from the row into the after image table if the unique session id of the row is not equal to the user session's unique session id set and the changing unique session id is equal to the user session's unique session id.
35. The method according to claim 30, further comprising:
- deleting rows from the after image table having a unique session id that is equal to the user session's unique session id;
- selecting before image rows and any descendants from the before image table having a unique session id that is equal to the user session's unique session id or having a changing unique session id that is equal to the user session's unique session id;
- grouping the selected rows into families;
- removing any families having an earliest unique session id that is equal to the user session's unique session id;
- inserting an earliest returned before image in a family into the after image table when the last changing unique session id of the family is equal to a current session's unique session id; and
- inserting an earliest returned before image in a family into the after image table when the last changing unique session id of the family is equal to the user session's unique session id and if no after image of the family exists.
Type: Application
Filed: Dec 15, 2003
Publication Date: Jun 16, 2005
Patent Grant number: 7281023
Applicant: SBC Knowledge Ventures, L.P. (Reno, NV)
Inventor: Yongming Lou (Kansas City, MO)
Application Number: 10/734,112